Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

SUSE Linux Micro 6.0: 2025:20013-1 moderate: podman dependency issue

suse
Calendar Grey June 4, 2025
Dist Suse Esm H88
Podman receives a notable security enhancement addressing four vulnerabilities, one of which pertains to the exposure of confidential log data.
* bsc#1227052 Cross-References: * CVE-2024-1753 * CVE-2024-24786

Summary

## This update for podman fixes the following issues: * CVE-2024-6104: Fixed dependency issue with go-retryablehttp: url might write sensitive information to log file (bsc#1227052). * Update to version 4.9.5: * Bump to v4.9.5 * Update release notes for v4.9.5 * fix "concurrent map writes" in network ls compat endpoint * [v4.9] Fix for CVE-2024-3727 * Disable failing bud test * CI Maintenance: Disable machine tests * [CI:DOCS] Allow downgrade of WiX * [CI:DOCS] Force WiX 3.11 * [CI:DOCS] Fix windows installer action * Bump to v4.9.5-dev * Bump to v4.9.4 * Update release notes for v4.9.4 * [v4.9] Bump Buildah to v1.33.7, CVE-2024-1753, CVE-2024-24786 * Add farm command to commands list * Bump to FreeBSD 13.3 (13.2 vanished) * Update health-start-periods docs * Don't update health check status during initialDelaySeconds

References

* bsc#1227052

Cross-

* CVE-2024-1753

* CVE-2024-24786

* CVE-2024-3727

* CVE-2024-6104

CVSS scores:

* CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2024-1753 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-24786 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2024-3727 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

* CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

* CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* SUSE Linux Micro 6.0

Announcement ID: SUSE-SU-2025:20013-1
Release Date: 2025-02-03T08:48:39Z
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here